www.randofamilleane.fr Open in urlscan Pro
2001:41d0:1:1b00:213:186:33:3  Malicious Activity! Public Scan

Submitted URL: https://u.to/6l73GQ
Effective URL: http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
Submission Tags: falconsandbox
Submission: On October 21 via api from US

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 2001:41d0:1:1b00:213:186:33:3, located in France and belongs to OVH, FR. The main domain is www.randofamilleane.fr.
This is the only time www.randofamilleane.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: KeyBank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 195.216.243.155 57724 (DDOS-GUARD)
2 4 2001:41d0:1:1... 16276 (OVH)
8 4
Apex Domain
Subdomains
Transfer
4 randofamilleane.fr
www.randofamilleane.fr
143 KB
1 u.to
u.to
1 KB
0 yadro.ru Failed
counter.yadro.ru Failed
0 yandex.ru Failed
mc.yandex.ru Failed
8 4
Domain Requested by
4 www.randofamilleane.fr 2 redirects u.to
www.randofamilleane.fr
1 u.to
0 counter.yadro.ru Failed
0 mc.yandex.ru Failed u.to
8 4

This site contains no links.

Subject Issuer Validity Valid
u.to
GoGetSSL RSA DV CA
2020-10-09 -
2021-10-09
a year crt.sh

This page contains 2 frames:

Primary Page: http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
Frame ID: 7367F4BDA91E44E3761437ABC6CBD140
Requests: 22 HTTP requests in this frame

Frame: data://truncated
Frame ID: 8CEC170ECA40962575DAFD61E540CC8E
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://u.to/6l73GQ Page URL
  2. http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

8
Requests

13 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

196 kB
Transfer

590 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u.to/6l73GQ Page URL
  2. http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/images/kds.svg HTTP 303
  • http://www.randofamilleane.fr/fr/images/banners/ibxolb/ibxolb/login/index-html/login/images/kds.svg HTTP 303
  • http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/images/kds.svg

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set 6l73GQ
u.to/
1 KB
1 KB
Document
General
Full URL
https://u.to/6l73GQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.243.155 Moscow, Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
s5.unet.com
Software
nginx/1.8.0 /
Resource Hash
0ca9e7c4374c930d7c023c8d4d1d8cf9c71fce1bcdda654fcf1123f41b5a42a4

Request headers

Host
u.to
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx/1.8.0
Date
Wed, 21 Oct 2020 02:16:42 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Set-Cookie
lng=en; path=/; expires=Thu, 21-Oct-2021 02:16:42 GMT; domain=.u.to;
Cache-Control
no-cache no-store
Pragma
no-cache
Vary
host
Content-Encoding
gzip
tag.js
mc.yandex.ru/metrika/
0
0

Primary Request /
www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
504 KB
142 KB
Document
General
Full URL
http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
Requested by
Host: u.to
URL: https://u.to/6l73GQ
Protocol
HTTP/1.1
Server
2001:41d0:1:1b00:213:186:33:3 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache / PHP/5.6
Resource Hash
2b0cf3798636fb6d1a119bcb49cf3c8f817264315e4298c576810966fb16c97c

Request headers

Host
www.randofamilleane.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 02:16:42 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Server
Apache
X-Powered-By
PHP/5.6
Vary
Accept-Encoding
Content-Encoding
gzip
X-IPLB-Request-ID
00000000:A1E6_00000000:0050_5F8F9A0A_3611:26B25
X-IPLB-Instance
28302
hit;utostat
counter.yadro.ru/
0
0

truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8750355c472cd02b500c3098067843d22a3cf8a4d54dfb0300d274e81b30f448

Request headers

Referer
http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
21 KB
21 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ddfd4b05469490c09cbeb9ad8a8ea32422f50ada7ec4b7a0fdcd5b5430c666f6

Request headers

Origin
http://www.randofamilleane.fr
Referer
http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/
16 KB
16 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43bbfdd5b050730da3162f0a7bb3fd4a0630bb5c85e5227df299824ce6efdfa4

Request headers

Origin
http://www.randofamilleane.fr
Referer
http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/font-woff
kds.svg
www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/images/
Redirect Chain
  • http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/images/kds.svg
  • http://www.randofamilleane.fr/fr/images/banners/ibxolb/ibxolb/login/index-html/login/images/kds.svg
  • http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/images/kds.svg
0
0
Other
General
Full URL
http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/images/kds.svg
Requested by
Host: www.randofamilleane.fr
URL: http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
Protocol
HTTP/1.1
Server
2001:41d0:1:1b00:213:186:33:3 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache / PHP/5.6
Resource Hash

Request headers

Referer
http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Oct 2020 02:16:43 GMT
Server
Apache
X-IPLB-Request-ID
00000000:A1E6_00000000:0050_5F8F9A0B_3615:26B25
X-Powered-By
PHP/5.6
X-IPLB-Instance
28302
Transfer-Encoding
chunked
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-cache
Content-Type
text/html; charset=utf-8

Redirect headers

Date
Wed, 21 Oct 2020 02:16:43 GMT
Server
Apache
X-IPLB-Request-ID
00000000:A1E6_00000000:0050_5F8F9A0B_3614:26B25
X-Powered-By
PHP/5.6
X-IPLB-Instance
28302
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Location
http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/images/kds.svg
truncated
/
12 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07eeecd82d157b4f6d4147ede1b838e77e5e772e74307a3f53cf9c4afdffa15e

Request headers

Referer
http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
870 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5600b36a3c5c47a2c366f98ae5374a56bfa878f578d05f59b9b0b8cc8ee3a68b

Request headers

Referer
http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
853 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4459500680cc63a7fe3012983bee023b97644f5f2526e616b96fc897e64a2443

Request headers

Referer
http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
229 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc66c896bf327751c8479c52bcde322bdf627a3e84f5305f873bc1e535b3b399

Request headers

Referer
http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2689c76a522bd9b411ac288799b1c1dd18e2f96bb284de840926828af59c8517

Request headers

Referer
http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8CEC
474 B
474 B
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a929681043fe76bcb364fc42d1142b3b5dbcb7dedd1f25c27ceab5e832c5761

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/

Response headers

Content-Type
text/html;charset=utf-8
ee9bcc12-edb1-4965-94f5-db71da8946e0
http://www.randofamilleane.fr/
1 KB
0
Image
General
Full URL
blob:http://www.randofamilleane.fr/ee9bcc12-edb1-4965-94f5-db71da8946e0
Requested by
Host: www.randofamilleane.fr
URL: http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26de07dd73786374a807a360158c28f7e6f4ac3be0ad17d2401521e5a289465c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
1303
Content-Type
image/png
060b49fe-0030-4f5a-b4fb-e31e02400b01
http://www.randofamilleane.fr/
283 B
0
Image
General
Full URL
blob:http://www.randofamilleane.fr/060b49fe-0030-4f5a-b4fb-e31e02400b01
Requested by
Host: www.randofamilleane.fr
URL: http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee6ef2ab637e9e6fe99885c6ac5948072f04b4dee3961e9e0fee05f04b4463f2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
283
Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4d092bf6f1756eab6bba58b7b7da260bd95ecd474c03f71d9893a0dbb1106e3

Request headers

Referer
http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70bfde3380108ca258f296bd76167e4ff5b6f7418e0f62064acd359e35e66281

Request headers

Referer
http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
37f6c6d6-d041-4ebc-b570-326e640a2cba
http://www.randofamilleane.fr/
925 B
0
Image
General
Full URL
blob:http://www.randofamilleane.fr/37f6c6d6-d041-4ebc-b570-326e640a2cba
Requested by
Host: www.randofamilleane.fr
URL: http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6926b522cfe3ccd8341359a8885f3a943826ef1683d3c9576e21902b061329ce

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
925
Content-Type
image/png
truncated
/
932 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10e7fdbaeade51e1f7f593355cd292d750e68d6b412e9ddfcea8ebcc2b4d5c3b

Request headers

Referer
http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0de9fcadbcfe80e38edfafd43d58be839af4fb14533079dae76b9168b4229e8

Request headers

Referer
http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40cd18bafa4b8c016fb9062868737207dcad9898139431d94116e240c4f3cb33

Request headers

Referer
http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
16 KB
16 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9175c083dd30b9aafd6339f49b57c47f11ff513fedf5574aeea52f34cb230a1

Request headers

Origin
http://www.randofamilleane.fr
Referer
http://www.randofamilleane.fr/images/banners/ibxolb/ibxolb/login/index-html/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/font-woff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mc.yandex.ru
URL
https://mc.yandex.ru/metrika/tag.js
Domain
counter.yadro.ru
URL
https://counter.yadro.ru/hit;utostat?r;s1600*1200*24;uhttps%3A//u.to/6l73GQ;1603246602927

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: KeyBank (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| trustedTypes function| savepage_ContentLoaders

2 Cookies

Domain/Path Name / Value
www.randofamilleane.fr/ Name: f3c7a86cdf4615b7134e48c4c2b071cf
Value: fr-FR
www.randofamilleane.fr/ Name: 676da13f30e9c4cfb04681c8d413cb71
Value: bd694710a8f5d9d5c34a840a6ae15245

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

counter.yadro.ru
mc.yandex.ru
u.to
www.randofamilleane.fr
counter.yadro.ru
mc.yandex.ru
195.216.243.155
2001:41d0:1:1b00:213:186:33:3
07eeecd82d157b4f6d4147ede1b838e77e5e772e74307a3f53cf9c4afdffa15e
0ca9e7c4374c930d7c023c8d4d1d8cf9c71fce1bcdda654fcf1123f41b5a42a4
10e7fdbaeade51e1f7f593355cd292d750e68d6b412e9ddfcea8ebcc2b4d5c3b
2689c76a522bd9b411ac288799b1c1dd18e2f96bb284de840926828af59c8517
26de07dd73786374a807a360158c28f7e6f4ac3be0ad17d2401521e5a289465c
2b0cf3798636fb6d1a119bcb49cf3c8f817264315e4298c576810966fb16c97c
40cd18bafa4b8c016fb9062868737207dcad9898139431d94116e240c4f3cb33
43bbfdd5b050730da3162f0a7bb3fd4a0630bb5c85e5227df299824ce6efdfa4
4459500680cc63a7fe3012983bee023b97644f5f2526e616b96fc897e64a2443
4a929681043fe76bcb364fc42d1142b3b5dbcb7dedd1f25c27ceab5e832c5761
5600b36a3c5c47a2c366f98ae5374a56bfa878f578d05f59b9b0b8cc8ee3a68b
6926b522cfe3ccd8341359a8885f3a943826ef1683d3c9576e21902b061329ce
70bfde3380108ca258f296bd76167e4ff5b6f7418e0f62064acd359e35e66281
8750355c472cd02b500c3098067843d22a3cf8a4d54dfb0300d274e81b30f448
d0de9fcadbcfe80e38edfafd43d58be839af4fb14533079dae76b9168b4229e8
d4d092bf6f1756eab6bba58b7b7da260bd95ecd474c03f71d9893a0dbb1106e3
dc66c896bf327751c8479c52bcde322bdf627a3e84f5305f873bc1e535b3b399
ddfd4b05469490c09cbeb9ad8a8ea32422f50ada7ec4b7a0fdcd5b5430c666f6
e9175c083dd30b9aafd6339f49b57c47f11ff513fedf5574aeea52f34cb230a1
ee6ef2ab637e9e6fe99885c6ac5948072f04b4dee3961e9e0fee05f04b4463f2